Oct 15, 2014 8:35 AM
39 Posts

Poodle SSL vulnerability

  • Category: Domino Server
  • Platform: Windows
  • Release: 9.0.1
  • Role: Administrator
  • Replies: 31

Can IBM please advise how customers should mitigate against the latest zero day vulnerabilities that have been identified?

http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploiting-ssl-30.html

It seems that the general advice is to disable SSL v3.0... However, as we all know Domino does not support TLS!

Please do not tell us to use IBM HTTP server as that is limited to HTTP only and is also only supported on Windows and is 32bit!!

Chrome & Firefox will be disabling SSL v3.0 in their next browser releases... I do hope that this isn't the death knell for Domino...

Oct 16, 2014 8:43 AM
5 Posts
Re: Poodle SSL vulnerability (need IBM response)
An excellent question, Mr. Gibbs. This is of immediate and compelling interest to ALL IBM Domino admins, developers, and users.

IBM has traditionally portrayed itself as a key vendor of secure and reliable software. 

Oct 16, 2014 11:18 AM
26 Posts
Poodle SSL vulnerability
FYI:
This post is in regards to the SSLv3 vulnerability (CVE-2014-3566) that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack.
IBM is analyzing its products to determine which ones may be affected by this vulnerability. Please actively monitor both your IBM Support Portal for available fixes and mitigations and this blog for additional information.
IBM recommends that you review your entire environment to identify areas that enable the SSLv3 protocol and take appropriate mitigation (such as disabling SSLv3) and remediation actions. 

https://www-304.ibm.com/connections/blogs/PSIRT/entry/sslv3_vulnerable_to_cve_2014_3566_poodle_attack?lang=en_us

Oct 16, 2014 11:49 AM
39 Posts
Are you serious...?

Marcin - Do you work for IBM?

If I advise all my customers to disable SSLv3 in Domino they will no longer be able to establish a secure HTTP/SMTP/LDAP/IMAP etc session with the server!!!!

They will very soon decide that moving to another product is the right way for them! Please speak to your managers and address this issue directly... They are waiting for an official IBM response that directly answers their concerns regarding Domino, not a woolly general statement that would end with them not able to connect to their servers.

Oct 16, 2014 11:59 AM
26 Posts
Poodle SSL vulnerability
A public statement is actively being worked. Before we publish, we need to complete our fix and delivery plans.
This statement will be available shortly.
Oct 16, 2014 1:05 PM
10 Posts
Are you in a secure internal network?
If the client and server are in a secure internal network then they should not be at risk to this SSL 3.0 vulnerability.

"if an attacker that controls the network between the client and the server interferes with any attempted handshake"...
The attacker gets between the user's browser and the web server in the network, and causes multiple protocol downgrade handshakes and captures a little more HTTP cookie information each time.

https://www.openssl.org/~bodo/ssl-poodle.pdf
Oct 16, 2014 3:22 PM
90 Posts
Re: Poodle SSL vulnerability
Greetings,

We are currently working on statements regarding solutions for our clients with concerns around TLS and SHA-2.

Thanks,

    dave

David Kern | Resident Paranoid
STSM, Global ICS Security Architect
Oct 16, 2014 10:56 PM
5 Posts
Re: Poodle SSL vulnerability

Thanks for the messages, Mr. Kern and Mr. Miszkiel !

We eagerly await more information.

Oct 17, 2014 8:42 AM
3 Posts
Prevent fallback on IHS

THIS IS NOT AN OFFICIAL IBM STATEMENT

For those who are unwilling / unable to wait for IBM's official statement on this, Domino can be configured with an IBM IHS server to support TLS connections from end users. NOTE: This IHS server module is supported only on Windows.

This document outlines the methodology: http://www-01.ibm.com/support/docview.wss?uid=swg27039743&aid=1.

This technote outlines setting it up on the same machine: http://www-01.ibm.com/support/docview.wss?uid=swg21612316.

Remember you will also need to use the "SSLProtocolDisable SSLv3" configuration parameter in the IHS server config to disable SSLv3 or use other parameters to disable affected modes (if that's even possible - POODLE affects padding on CBC encryption modes, although I cannot state if modes like ECB are immune, and they may also suffer from other catastrophic security flaws. Still, this is potentially an option if your clients cannot support TLS). I would also recommend taking out SSLv2 - given attacks like BEAST etc.

If setting up this approach you should also consider making sure your Domino servers are only accessible by the IHS server (i.e. firewall off other connections; if using the same machine, bind Domino only to localhost).

Once again - THIS IS NOT AN OFFICIAL IBM STATEMENT AND THIS APPROACH MAY NOT BE SUPPORTED.
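Added example, not code from the post's author or from IBM: a small audit of an IHS httpd.conf that flags SSL-enabled virtual hosts which still accept SSLv3, i.e. those missing the SSLProtocolDisable SSLv3 directive the post describes. The config text is constructed for the demonstration and shows the weak vhost beside the corrected one; directive names are matched case-insensitively as Apache-style servers do.

```python
# Added example (not the poster's or IBM's code): audit an IHS httpd.conf for
# SSL-enabled virtual hosts that still permit SSLv3. Apache-style directive
# names are case-insensitive; SSLProtocolDisable may list several protocols.
import re

# Constructed sample: the first vhost is the weak setting, the second the corrected one.
SAMPLE_HTTPD_CONF = """
Listen 443
<VirtualHost *:443>
    ServerName weak.example.test
    SSLEnable
    KeyFile C:/IBM/HTTPServer/key.kdb
</VirtualHost>
<VirtualHost *:8443>
    ServerName fixed.example.test
    SSLEnable
    SSLProtocolDisable SSLv2 SSLv3
    KeyFile C:/IBM/HTTPServer/key.kdb
</VirtualHost>
<VirtualHost *:80>
    ServerName plain.example.test
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.I | re.S)

def audit_vhosts(conf: str) -> dict:
    """Map each VirtualHost address to 'ok', 'sslv3-enabled' or 'no-ssl'."""
    results = {}
    for addr, body in VHOST_RE.findall(conf):
        ssl_on = False
        disabled = set()
        for line in body.splitlines():
            line = line.split("#", 1)[0].strip()   # drop comments and blank lines
            if not line:
                continue
            parts = line.split()
            name = parts[0].lower()
            if name == "sslenable":
                ssl_on = True
            elif name == "sslprotocoldisable":
                disabled.update(p.lower() for p in parts[1:])
        if not ssl_on:
            results[addr] = "no-ssl"
        elif "sslv3" in disabled:
            results[addr] = "ok"
        else:
            results[addr] = "sslv3-enabled"     # SSL on, SSLv3 never disabled
    return results

if __name__ == "__main__":
    for addr, status in audit_vhosts(SAMPLE_HTTPD_CONF).items():
        print(f"{addr}: {status}")
```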

Oct 17, 2014 4:00 PM
1 Posts
We need SMTP support for TLS

Our ISP shut down all our Outbound mail due to lack of support for TLS over SMTP. This is unacceptable for us and I would assume for just about any company. Thus we had to route all our mail directly to the Internet which by-passed all the security features we were paying for from our ISP. They have since patched to let us back in but we were down for about 2 hours yesterday, UNACCEPTABLE!

IBM please pay attention to those of us using Domino for our SMTP gateway. IHS is for HTTP only. A support rep from IBM sent us an email telling us to configure IHS for TLS for our SMTP server. I was shocked at the lack of knowledge about this.

Please do NOT forget many of us need a fix for TLS for SMTP SMTP SMTP SMTP SMTP SMTP SMTP!!!!

Oct 17, 2014 5:59 PM
90 Posts
We understand that TLS 1.0 support for SMTP is critically important
We are currently working on statements regarding solutions for our clients with concerns around TLS and SHA-2.

I'll try to update these threads with links once they are available.
Oct 20, 2014 6:45 PM
1 Posts
Our experience using IHS for SSL traffic into Domino

I have been working with IBM Support for the past two weeks to enable the IHS server on the Domino server for HTTP. So far, we have success at getting port 80 traffic through IHS to the Domino server, and are still trying to get port 443 traffic from IHS through to the Domino server - we get an error message, "The Connection was Interrupted", in Firefox.

We used the IKeyMan utility to get the SSL certificates into the IHS system - the Domino keyring files are not used in this configuration.

Here are links to some of this, and I will post more as this evolves.

Google will start flagging this in browsers Nov 1, and the others will follow suit shortly.

Here are some links for troubleshooting tips.


Open Mic Webcast: Implementing TLS support with IBM Domino 9.x and IBM HTTP Server (IHS) - 19 November 2013 (Q&A, presentation, audio recording)
http://www-01.ibm.com/support/docview.wss?uid=swg27039743

IBM HTTP SSL Server Questions and Answers
http://publib.boulder.ibm.com/httpserv/ihsdiag/ssl_questions.html

Is it possible to run IBM HTTP Server (IHS) on the same computer as a Domino server?
http://www-01.ibm.com/support/docview.wss?uid=swg21612316

Installing the IBM HTTP server module to support TLS
http://www-12.lotus.com/ldd/doc/domino_notes/9.0/help9_admin.nsf/855dc7fcfd5fec9a85256b870069c0ab/caa25dc9fd95076b85257b19005b3894?OpenDocument&Highlight=0,Installing,the,IBM,HTTP,server,module,to,support,TLS
--------------------------------------------------------------------------------------------------------------------------------------------------------------------

IKeyMan SSL Setup

http://www-01.ibm.com/support/docview.wss?uid=swg21006430
Oct 18, 2014 2:51 PM
5 Posts
Re: Poodle SSL vulnerability

Let's hope IBM is using the Traveler team's development mindset when coming up with the fixes, "it just works.... you don't have to screw with it endlessly"

Oct 20, 2014 3:36 PM
8 Posts
Any response from IBM?

This thread is the #1 hit when you Google "Poodle Domino IBM" so it would be a good place to update some status. Dave K., as always your input is appreciated but do we have an official word from IBM yet (maybe I missed it)? Right or wrong, I have customers that are freaking out.

Thanks!

Oct 20, 2014 5:43 PM
2 Posts
TLS and SHA-2 on Domino8.5.x

We require TLS and SHA-2 asap, even on Domino8.5.x !!

Oct 21, 2014 6:43 PM
2 Posts
ihs server setup

FWIW, we installed the reverse proxy IBM HTTP server on our test machine (win 2008 R2) without any problems so far, and removed SSLv3 without issues.  I just thought I'd mention, since others had reported difficulties.

We'd been warned there was a bug where IHS would quit if an admin logged into the server and then logged out, but we have not seen this problem. The proxy server is 32-bit, but works fine with our 64-bit 9.01FP1 Domino server (so far).

We have not done any heavy-duty testing, just "does it work" testing.

Oct 21, 2014 7:44 PM
3 Posts
Official statements from IBM regarding Domino, POODLE and SHA2

Regarding this post made above by Shaun Gibbs (21 Oct 2014 11:25)

As IBM haven't responded yet... Here are the latest updates that I have found:

http://www-01.ibm.com/support/docview.wss?uid=swg21418982

http://www-01.ibm.com/support/docview.wss?uid=swg21687167

I'd like to point out that both links above (i.e. Technotes 1687167 and 1418982) are official IBM statements; please note the following excerpt from Technote 1687167 - How is IBM Domino impacted by the POODLE attack?:

IBM intends to release Domino server Interim Fixes over the next several weeks that implement TLS 1.0 with TLS_FALLBACK_SCSV for HTTP to protect against the POODLE attack. Implementing TLS 1.0 for Domino will protect against the POODLE attack and will allow browsers to still connect to Domino after they have been changed to address the POODLE attack.

On a related note, and I stress this is NOT a commitment from IBM, but we are being told internally ..."We do not have the specific date when these fixes will be available, however the plan is to have them available for your customers well in advance of 25 Nov 2014." (emphasis provided in original internal blogpost - not my own).

Official tweets on the matter have been made by @IBM_ICSSupport - see https://twitter.com/IBM_ICSsupport/status/524571319803731968 and https://twitter.com/IBM_ICSsupport/status/524571629628575745 which refer to the above links.

Finally, and I'm sorry I have to do this, but...  IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
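The technote excerpt above mentions TLS_FALLBACK_SCSV. As an added illustration (not IBM's or Domino's code, and not part of the original thread), here is the server-side check that mechanism requires, as specified in RFC 7507: a client that retries a failed handshake at a lower protocol version adds the signalling cipher suite value 0x5600, and a server that supports something newer than the version now offered refuses with an inappropriate_fallback alert instead of quietly negotiating SSLv3. The ClientHello bytes are constructed for the demonstration; the constants are the RFC's.

```python
# Added example (not IBM's or Domino's code): the server-side TLS_FALLBACK_SCSV
# check from RFC 7507. A client retrying at a lower version includes the
# signalling suite 0x5600; a server that supports a higher version than the one
# offered must answer with a fatal inappropriate_fallback alert.
import struct

TLS_FALLBACK_SCSV = 0x5600           # RFC 7507 signalling cipher suite value
ALERT_INAPPROPRIATE_FALLBACK = 86    # RFC 7507 fatal alert description code
SSL3, TLS1_0, TLS1_2 = 0x0300, 0x0301, 0x0303

def build_client_hello(version: int, suites: list) -> bytes:
    """Construct a minimal ClientHello body (constructed test data, no extensions):
    client_version, 32-byte random, empty session id, cipher suites, null compression."""
    cs = b"".join(struct.pack("!H", s) for s in suites)
    return (struct.pack("!H", version) + bytes(32) + b"\x00"
            + struct.pack("!H", len(cs)) + cs + b"\x01\x00")

def parse_client_hello(body: bytes):
    """Return (client_version, [cipher suites]) from a ClientHello body."""
    version = struct.unpack("!H", body[0:2])[0]
    pos = 2 + 32                                  # skip client_random
    pos += 1 + body[pos]                          # skip session_id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", body[pos + i:pos + i + 2])[0]
              for i in range(0, cs_len, 2)]
    return version, suites

def fallback_decision(hello: bytes, server_max_version: int):
    """Decide how the server answers: 'negotiate' or the fatal alert code.
    Only the SCSV-plus-lower-version combination is refused; a client that
    genuinely speaks only SSLv3 sends no SCSV and is governed simply by
    whether SSLv3 is enabled on the server at all."""
    client_version, suites = parse_client_hello(hello)
    if TLS_FALLBACK_SCSV in suites and client_version < server_max_version:
        return ALERT_INAPPROPRIATE_FALLBACK
    return "negotiate"

if __name__ == "__main__":
    # a TLS-capable browser whose retry has been pushed down to SSLv3
    retry = build_client_hello(SSL3, [0x002F, TLS_FALLBACK_SCSV])
    print(fallback_decision(retry, TLS1_0))       # 86: refuse the downgrade
    # the same browser retrying at the server's own best version is accepted
    best = build_client_hello(TLS1_0, [0x002F, TLS_FALLBACK_SCSV])
    print(fallback_decision(best, TLS1_0))        # negotiate
```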

Oct 21, 2014 8:15 PM
1 Posts
Any news on SMTP/LDAP/IMAP etc?

Can we expect additional statements about TLS support for other functions like SMTP and LDAP or is IBM only planning TLS support for HTTP?

Oct 21, 2014 11:44 PM
90 Posts
Don't worry, the other protocols have not been forgotten
The technote regarding the POODLE attack on web browsers was naturally focused on HTTP, whereas the technote for SSL/TLS certificates signed with SHA-2 was applicable for all protocols.  I'm rather busy at the moment, but will share what I can when I can.
Oct 22, 2014 9:36 AM
11 Posts
Microsoft ServerXMLHTTP-Object

"With this Interim Fix, Domino administrators will be able to configure Domino 9.x to use a SHA-2 certificate over HTTP, SMTP, LDAP, POP, and IMAP."

Thank you for this information! :-) But what is the SSL security level if I call a URL with the Microsoft ServerXMLHTTP object via LotusScript? As far as I know, the encryption comes from the application which calls this DLL. It would be nice if there was a statement from IBM.

Thanks!

Bernd

Oct 23, 2014 1:27 PM
2 Posts
Workaround for email rejections based on "SSL bad peer certificate"

Here is a workaround for email rejections that worked for one of my clients:

Add to the sending Domino server's notes.ini:

RouterFallbackNonTLS=1

This might not be acceptable long-term, but at least it got the receiving server to quit rejecting messages.

Oct 24, 2014 3:54 AM
6 Posts
Interim Fix release date?

Any updates on when IBM will release this interim fix?

Just discovered this vulnerability on our PCI network scan:

"SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE)"

:o

Oct 29, 2014 8:35 AM
38 Posts
TLS for SMTP

Hi all,

Like Jeff and Simon, I am waiting for Domino to release TLS 1.0 for SMTP.

We recently stopped receiving emails from a certain company. It was hard to troubleshoot as the company that was unable to send us emails was the local branch of an international company and their email was hosted on a foreign provider. And they did not have local IT staff. After a lot of asking around we managed to get a server log extract with the technical reason for the failure: "TLS handshake failed."

And that is what brought me here...

Now if only IBM had sent us a communiqué to inform us about this vulnerability, maybe we would not have wasted days trying to figure out the problem...and lost important emails in the process...

And that would also have prevented a lot of user frustration.

I get lots of emails from IBM (e.g. Open Mic Webcast, Ask the Experts session). The last one I received was "IBM explores the next wave of technology." on the 27/10/14. I find it disturbing that when there is an issue that might affect mail delivery (which is critical), IBM did not notify us of this.

Also, is Traveler affected?

I found this: http://www-10.lotus.com/ldd/ndseforum.nsf/xpTopicThread.xsp?documentId=8906EA6748C9CFFC85257D7B0032AD66

But what about Android, BlackBerry 10 and Windows phone devices?

Kind regards.

Oct 31, 2014 10:49 AM
5 Posts
TLS and Domino

TLS 1.0 is standard since 1999 (RFC 2246).

IBM, you have slept through the last 15 years. It is YOUR FAULT that you didn't implement it earlier. Shame on you!

SSL 3.0 is dead.

Announcing a fix for the "next several weeks" (this can also be half a year) is NOT ENOUGH!

Finally get your ass up! And fix this. IMMEDIATELY!!!!!!!!

Nov 18, 2014 5:28 AM
11 Posts
PayPal will terminate SSL3.0

Hello,

PayPal has announced that they will terminate SSL3.0 on 3.12.2014. So I will repeat my question about the Microsoft ServerXMLHTTP object via LotusScript. The direction from PayPal to the Domino system will work with the Apache-based HTTP server. But the request from Domino to PayPal? Thanks for any information!

Bernd